| Название | ChrisChinchilla Vale-MCP 0.1.0 Command Injection |
|---|
| Описание | A command injection vulnerability (CWE-78) has been identified in vale-mcp, specifically within the vale-runner.ts component. An attacker with network access to the MCP/HTTP interface can supply maliciously crafted input through the config_path or other tool arguments, which flows unsanitized into OS command execution via exec or execAsync. This allows arbitrary system commands to be executed with the privileges of the server process, leading to full host compromise, including data exposure, integrity loss, and potential service disruption. Versions up to and including 0.1.0 are confirmed affected.
|
|---|
| Источник | ⚠️ https://github.com/wing3e/public_exp/issues/27 |
|---|
| Пользователь | BruceJin (UID 96538) |
|---|
| Представление | 22.03.2026 14:50 (19 дни назад) |
|---|
| Модерация | 05.04.2026 18:01 (14 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 355411 [ChrisChinchilla Vale-MCP до 0.1.0 HTTP Interface src/index.ts config_path эскалация привилегий] |
|---|
| Баллы | 20 |
|---|